Mobile integrated distribution and transaction system and method for nfc services, and a mobile electronic device thereof

ABSTRACT

A mobile integrated distribution and transaction system and method for NFC services are described. The system comprises a server for creating a widget having a lifecycle and a certificate, distributing the widget, and retrieving the widget information used on NFC transactions; and at least one mobile electronic device having a transaction terminal comprising a NFC modem and at least one secure element for storing a plurality of secure applications, and a virtual machine for managing the widget and changing the widget information during the valid lifecycle while the NFC modem is enabling the NFC transactions with the secure element under a specific secure application.

CROSS-REFERENCE TO RELATED APPLICATIONS

This non-provisional application is a continuation-in-part of U.S.patent application Ser. No. 12/965,597, filed Dec. 10, 2010, whichclaims priority under 35 U.S.C. §119(a) to Patent Application No(s).098142439 filed in Taiwan, R.O.C. on Dec. 11, 2009, which are herebyincorporated by reference in their respective entireties.

FIELD OF THE INVENTION

The present invention relates to an integrated distribution andtransaction system and method, and more particularly, to a mobileintegrated distribution and transaction system and method for NFC(Near-Field Communication) services, and a mobile electronic devicethereof.

DESCRIPTION OF THE PRIOR ART

Near Field Communication (WC) is a new, short-range wirelessconnectivity technology that evolved from a combination of existingcontactless identification and interconnection technologies. Productswith built-in NFC will dramatically simplify the way consumer devicesinteract with one another, helping people speed connections, receive andshare information and even make fast and secure payments.

Operating at 13.56 MHz and transferring data at up to 424 Kbits/second,NFC provides intuitive, simple, and safe communication betweenelectronic devices. NFC is both a “read” and “write” technology.Communication between two NFC-compatible devices occurs when they arebrought within four centimeters of one another: a simple wave or touchcan establish an NFC connection, which is then compatible with otherknown wireless technologies such as Bluetooth or Wi-Fi. The underlyinglayers of NFC technology follow universally implemented ISO, ECMA, andETSI standards. Because the transmission range is so short, NFC-enabledtransactions are inherently secure. Also, physical proximity of thedevice to the reader gives users the reassurance of being in control ofthe process.

NFC can be used with a variety of devices, from mobile phones thatenable payment or transfer information, to digital cameras that sendtheir photos to a TV set with just a touch. The possibilities areendless, and NFC is sure to take the complexities out of today'sincreasingly sophisticated consumer devices and make them simpler touse.

SUMMARY OF THE INVENTION

One object of the present invention is to provide a mobile integrateddistribution and transaction system and method particularly for use oninformation processing of NFC services.

Another object of the present invention is to provide a mobiledistribution system and method to distribute the widgets used for NFCtransactions.

Yet another object of the present invention is to provide a mobiletransaction system and method to use the widgets in NFC transactions.

Still another object of the present invention is to provide a mobileelectronic device to use the widgets in NFC transactions.

The aforementioned objects can be achieved singularly or in combinationwhen providing the invention defined by the claims appended hereto assummarized below.

In order to achieve the aforementioned objects, the present inventionprovides a mobile integrated distribution and transaction systemcomprising: a server having a widget generator for creating a widgethaving a certificate; a communication interface for distributing thewidget and retrieving the widget information associated with NFCtransactions; and at least one mobile electronic device having atransaction terminal comprising an NFC modem and at least one secureelement divided into a plurality of secure domains, and a virtualmachine for managing the widget and changing the widget informationwhile the NFC modern is enabling the NFC transactions with the secureelement.

In order to achieve the aforementioned objects, the present inventionprovides a mobile distribution system comprising: a widget generator forcreating a widget having a certificate; and a communication interfacefor distributing the widget to a mobile electronic device with atransaction terminal having at least one secure element for storing aplurality of secure applications, and retrieving the widget informationfrom the mobile electronic device using the transaction terminal for NFCtransactions.

In order to achieve the aforementioned objects, the present inventionprovides a mobile distribution method, comprising the following steps:generating a widget having a certificate; distributing the widget to amobile electronic device with a transaction terminal having at least onesecure element for storing at least one secure application; andretrieving the widget information from the mobile electronic device onNFC transactions enabled by one of the secure element in use of thetransaction terminal.

In order to achieve the aforementioned objects, the present inventionprovides a mobile transaction system to use a widget on wirelesstransactions, comprising: means for receiving widgets, each widgethaving a certificate displays multimedia content associated with asecure application; a graphical user interface for displaying thewidgets; means for selecting one of the widgets on the graphical userinterface; and means for transmitting the widget information whileenabling the wireless transactions with a secure element.

In order to achieve the aforementioned objects, the present inventionprovides a mobile transaction method to use a widget on NFCtransactions, comprising: receiving widgets, where each widget has acertificate; displaying the widgets on a graphical user interface;selecting one of the widgets on the graphical user interface; andchanging the widget information while an NFC modem is enabling the NFCtransactions with a secure element.

The aforementioned method can be implemented by a software installed ona mobile electronic device comprising the NFC modem and the graphicaluser interface.

The aforementioned method can be executed by computer-executableinstructions stored in a computer-readable media.

In order to achieve the aforementioned objects, the present inventionprovides a mobile electronic device for NFC services, comprising: atransaction terminal having an NFC modem for transmitting radiofrequency (RF) signals associated with a contactless data of NFCtransactions, and at least one secure element for storing at least onesecure application; and a virtual machine for authenticating andmanaging a plurality of widgets, each widget having a certificate, andchanging the widget information while the NFC modem is enabling the NFCtransactions with the secure element.

The aforementioned mobile electronic device can be a PDA or an iPod or acell phone or a hand-held device or a multimedia player.

In order to achieve the aforementioned objects, the present inventionprovides a mobile electronic device for NFC services, composed of: awireless modem for receiving a widget with a certificate from a wirelessnetwork; at least one secure element for storing at least one secureapplication; an NFC modem for transmitting radio frequency (RF) signalsassociated with a contactless data of NFC transactions; a graphical userinterface for displaying the widget; a memory for storing the widget;and a processor performing a virtual machine for managing the widget(s)and changing the widget(s') information while the NFC modem is enablingthe NFC transactions with the secure element.

In the mobile integrated distribution and transaction system and method,the mobile distribution system and method, the mobile transaction systemand method, and the mobile electronic device thereof according to thepresent invention, associated information of various transactionapplications can be displayed on a mobile electronic device throughwidgets having a certificate, NFC transactions can be enabled by asecure element for storing a secure application, and informationassociated with a secure application can be received or processed by thewidgets.

According to another broad aspect of the invention, a mobiledistribution system, installed on a mobile electronic device, includes aprocessor, memory, and code in the memory for implementing a particularmobile operating system in the processor, and being operatively coupledto a secure element having one or more secure applications. The systemfurther includes a virtual machine configured to execute in theprocessor to provide a runtime environment capable of running aplurality of widgets and configured to enable the widgets to be operableon any of a plurality of mobile operating systems including theparticular mobile operating system. The system further includes a secureelement manager configured to enable the widgets to read from or writeto the secure element by providing the widgets with access to acorresponding secure applications stored in the secure element, andenabling the mobile electronic device to perform NFC transactions usingthe corresponding secure applications.

In yet further embodiments, the secure element manager can be configuredto create an instance of a configured driver enabling access to thesecure element in response to a request by a widget to access the secureelement, with the secure element manager being configured to provideaccess to a plurality of secure elements.

In a more particular aspect, the system can further include a contenthandler configured to provide one or more of the following:communication between a third-party application installed on the mobileelectronic device and the widgets; and communication between thethird-party application installed on the mobile electronic device andthe corresponding secure applications stored in the secure element. Thesystem can further comprise a content handler plug-in, the contenthandler plug-in being implemented in the third-party application andenabling the third-party application to operatively communicate with thecontent handler. The content-handler plug-in can further comprise aunified reference locator (URL) of the content handler for connection tothe content handler, and widget identifiers associated with specificwidgets, wherein the widget identifier can be presented to the contenthandler via the URL to enable access by the third-party application tothe widget.

In still a further aspect of the invention, the virtual machine can beconfigured to perform one or more of the following: initiate a downloadof a widget from a widget distribution interface over a wireless networkwhen the a widget identifier associated with the widget is presented tothe content handler by the third-party application, but the at least onewidget is not presently installed on the mobile electronic device; andinitiate a download of the third-party application from a third-partyapplication distribution interface over the wireless network when thewidget attempts to communicate with the third-party application, but thethird-party application is not presently installed on the mobileelectronic device.

In still yet further embodiments, the system includes: an extensionsmanager configured using code executed in the processor to providecommunication between the virtual machine and/or the secure elementmanager, and a plurality of extensions associated with the plurality ofmobile operating systems. Each of the widgets in this embodiment can beconfigured to be operable in the runtime environment using codeexecuting in the processor, without necessitating configuration directlywith the plurality of mobile operating systems, and each of the widgetscan be added, removed, or updated without necessitating alteration ofthe runtime environment.

According to yet another broad aspect of the invention, a method ofproviding a mobile distribution system, for use on a mobile electronicdevice having a particular mobile operating system, a processor, memory,and code in the memory for implementing a particular mobile operatingsystem in the processor, and being operatively coupled to a secureelement having one or more secure applications is provided. A serveruses code to generate a mobile client for distribution over a wirelessnetwork to the mobile electronic device, the mobile client including atleast the following: a virtual machine configured to execute in theprocessor to provide a runtime environment capable of running aplurality of widgets and configured to enable the widgets to be operableon any of a plurality of mobile operating systems including theparticular mobile operating system. A secure element manager isconfigured to enable at least one widget of the plurality of widgets toread from or write to the secure element by providing the at least onewidget with access to a corresponding one of the one or more secureapplications stored in the secure element, and by enabling the mobileelectronic device to perform at least one NFC transaction using thecorresponding secure applications.

In accordance with one or more of the foregoing methods, the secureelement manager can be configured to create an instance of a configureddriver enabling accessing to the secure element in response to a requestby the widget to access the secure element. As well, the secure elementmanager can be configured to provide access to a plurality of secureelements. The mobile client can then be distributed to the mobileelectronic device.

These and other aspects, features and advantages will be understood withreference to the following description of certain embodiments of theinvention.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a system architecture diagram of a mobile integrateddistribution and transaction system for NFC service in accordance withthe present invention.

FIG. 2 shows a block diagram of a transaction terminal in accordancewith the present invention.

FIG. 3A shows a schematic block diagram illustrating the software andthe hardware of the mobile electronic device.

FIG. 3B shows a schematic block diagram illustrating the mobileelectronic device of the FIG. 3A communicating with the bank server forreceiving widgets and enabling a transaction communication.

FIG. 4 shows a schematic diagram illustrating a plurality of appliedwidgets displayed on the graphical user interface of the mobileelectronic device in accordance with the present invention.

FIG. 5 shows a schematic block diagram illustrating the various statesof a widget in accordance with the present invention.

FIG. 6 is a flow chart showing a mobile distribution method inaccordance with the present invention.

FIG. 7 is a flow chart showing a mobile transaction method in accordancewith the present invention.

FIG. 8 shows a system architecture diagram of a mobile integrateddistribution and transaction system for NFC services in accordance withembodiments of the present invention.

FIG. 9 shows a schematic block diagram illustrating elements of thesoftware and the hardware of the mobile electronic device in accordancewith embodiments of the present invention.

FIG. 10 is a flow chart showing a mobile distribution method inaccordance with embodiments of the present invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

FIG. 1 shows a system architecture diagram of a mobile integrateddistribution and transaction system for NFC service in accordance withthe present invention. The mobile integrated distribution andtransaction system for NFC service of the present invention comprises aserver 10 comprising a communication interface 11 communicated with awireless network 30 and executes a widget lifecycle management platform12. The widget lifecycle management platform 12 comprises a widgetgenerator for creating a widget. The widget may display multimediacontent associated with a secure application. In an embodiment of thepresent invention, the widget generator is a software development kit(SDK) of the widget lifecycle management platform 12, and the widget isan independent application that is developed using SDK and that can onlybe run on a virtual machine 21 of a mobile electronic device 20.

In an embodiment of the present invention, the widget is assigned acertificate which allows the widget to enable a NFC transaction with asecure element for storing a plurality of secure applications. In anembodiment, the widget is assigned a lifecycle, and the widget lifecyclemanagement platform 12 retrieves the widget information used on the NFCtransaction through the communication interface 11 during the validlifecycle. In an embodiment of the present invention, the widget isassigned an identification number representing an account for conductingthe NFC transactions under a secure application. In each embodiment ofthe present invention, the secure application is, but not limited to, atransport application or a credit/debit application or a couponapplication or a secure access application or a loyalty card applicationor an electronic purse application or a ticketing application.

The widget lifecycle management platform 12 of the mobile integrated andtransaction system of the present invention uses the communicationinterface 11 to distribute a plurality of widgets to at least one mobileelectronic device 20 through the wireless network 30. In an embodimentof the present invention, the widget lifecycle management platform 12also uses the communication interface 11 to retrieve the widgetinformation used on the NFC transaction from the mobile electronicdevice 20 so as to analyze the information associated with NFCtransactions received by the widget.

Still referring to FIG. 1, the mobile integrated distribution andtransaction system of the present invention comprises at least onemobile electronic device 20 comprising a virtual machine 21 and atransaction terminal 22. The virtual machine 21 is an implementation ofsoftware and provides a widget management platform for managing thewidget received by the mobile electronic device 20 from the server 10.In an embodiment of the present invention, the transaction terminal 22allows the mobile electronic device 20 to enable a peer-to-peertransaction with other NFC devices 31, so that the mobile electronicdevice 20 changes the widget information or that the widget receives theinformation associated with transactions. In another embodiment of thepresent invention, the transaction terminal 22 allows the mobileelectronic device 20 to enable a card emulation mode transaction with apoint-of-sales (POS) terminal 32, so that the mobile electronic device20 changes the widget information or that the widget receives theinformation associated with transactions. In yet another embodiment ofthe present invention, the transaction terminal 22 allows the mobileelectronic device 20 to enable a reader mode transaction with aradio-frequency identification (RFID) tag 33, so that the mobileelectronic device 20 changes the widget information or that the widgetreceives the information associated with transactions. In other words,an NFC transaction enabled by the mobile electronic device 20 includes,but is not limited to, a peer-to-peer transaction, a card emulation modetransaction, and a reader mode transaction.

In an embodiment of the present invention, a mobile electronic device 20for NFC services comprises a transaction terminal 22 as shown in FIG. 2and a virtual machine 21. The transaction terminal 22 comprises: an NFCmodern for transmitting radio frequency (RF) signals associated withcontactless data of NFC transactions or for transmitting data associatedwith NFC transactions; and at least one secure element divided into atleast one secure domain where a specific secure application is locatedor stored. In an embodiment of the present invention, the secure elementis implemented by a SIM card for a cell phone or a secure memory card,such as a micro-SD card. The virtual machine 21 is installed on themobile electronic device 20 for authenticating and managing a pluralityof widgets, and each widget has a certificate. After the certificate isauthenticated by the virtual machine 21, the virtual machine 21 allowsthe widget to access the secure element 225. The widget changes thewidget information or retrieves information under a corresponding secureapplication stored in one of secure domains while the NFC modem isenabling the NFC transactions with the secure element 225.

FIG. 2 shows a block diagram of a transaction terminal in accordancewith the present invention. The transaction terminal 22 is implementedon a mobile electronic device 20. In an embodiment of the presentinvention, the mobile electronic device 20 is a PDA or an iPod or a cellphone or a hand-held device or a multimedia player. In anotherembodiment of the present invention, the mobile electronic device 20comprises the transaction terminal 22 only, exclusively used forconducting NFC transactions under the control of a secure applicationlocated or stored in a secure domain.

In an embodiment of the present invention, a mobile electronic device 20comprises a transaction terminal 22. The transaction terminal 22 is usedfor NFC transactions, composed of a wireless modem 226, at least onesecure element 225, an NFC modern 224, a memory 223, a graphical userinterface 222, and a processor 221. The wireless modem 226 can use awireless protocol such as 3G, GPRS, Bluetooth, or WiFi or any otherwireless communication protocol such that the mobile electronic device20 communicates with a wireless network 30, and the widget isdistributed to the mobile electronic device 20 through the wirelessmodern 226 of the transaction terminal 22. The secure element 225 is ahardware embedded into the mobile electronic device 20 and is divided ina plurality of secure domains where secure applications are located orstored. In an embodiment of the present invention, the mobile electronicdevice 20 is a cell phone, and the secure element 225 is the SIM cardfor a cell phone or a secure memory card which can be plugged into thememory card slot of the mobile electronic device 20. For example, suchsecure memory card is a micro-SD card. In another embodiment of thepresent invention, the mobile electronic device 20 may comprises aplurality of secure elements 225. For example, both a SIM card and amemory card are embedded into a NFC mobile phone. The SIM card and thememory card are divided into a plurality of secure domains for storing aplurality of secure applications, respectively.

In some embodiments, secure element 225 can be operatively connected tothe mobile electronic device 20 as described above. In some embodiments,secure element 225 can be operatively connected to the mobile electronicdevice 20 without being embedded or plugged into the mobile electronicdevice 20. For example, the secure element 225 may be wirelesslyconnected to the mobile electronic device 20 via any appropriatewireless communication means (e.g., Bluetooth, WiFi, RF, etc.) Once thesecure element 225 is operatively connected to the mobile electronicdevice 20 using any of the above means, NFC transactions can beconducted under the control of a secure application located or stored ina secure domain of the secure element 225.

The NFC modem 224 comprises a built-in NFC antenna (not shown) for NFCtransactions and is electronically connected to the secure element 225.The processor 221 of the transaction terminal 22 executes softwareprogram instructions of a widget management platform, and iselectrically connected to the wireless modem 226 to receive the widgetsdistributed by the server 10 or to transmit information associated withNFC transactions received by the widget back to the server 10. Thewidget is assigned an identification number representing an account forconducting NFC transactions under the control of a secure applicationstored in the secure element, and the information transmitted back tothe server 10 from the widget includes the identification number.

In addition, the processor 221 electronically connects to the secureelement 225 and the NFC modem 224 to access the secure element 225 forenabling the NFC transactions. The processor 221 also electronicallyconnects to the memory 223 for storing the received widget and connectsto the graphical user interface 222 for displaying multimedia contentassociated with a secure application represented by the widget.

In an embodiment of the present invention, the widget assigned acertificate is corresponding to a specific secure application stored ina secure domain. The certificate will be authenticated by the widgetmanagement platform provided by the virtual machine 21. If thecertificate passes the authentication, the virtual machine 21 will allowthe widget to access the secure element 225 to enable the NFC modem 224to conduct the NFC transactions under a secure application, so that thewidget information is changed or that the transaction informationassociated with a secure application is received by the widget. A secureapplication is located or stored in a secure domain. For example, aloyalty card application is located in a secure domain which enables aloyalty card transaction with the secure element 225. For anotherexample, an electronic purse application is located in a secure domainwhich enables an electronic purse transaction with the secure element225. For another example, a coupon application is located in a securedomain which enables a coupon transaction with the secure element 225.

In an embodiment of the present invention, the widget is assigned acertificate and a lifecycle. During the valid lifecycle, if thecertificate passes the authentication of the virtual machine 21, it willallow the widget to access the secure element 225 to enable the NFCmodem 224 to conduct the NFC transactions. The widget also transmitsinformation associated with the NFC transaction back to the server 10through the wireless modern 226 during the valid lifecycle. In anexemplary embodiment, the widget displays multimedia content associatedwith a coupon application and is assigned a lifecycle associated withthe coupon. The widget is distributed to the mobile electronic device20, which uses the coupon information of the widget through NFCtransactions under the coupon application during the valid lifecycle ofthe coupon.

FIG. 3A shows a schematic block diagram illustrating the software andthe hardware of the mobile electronic device. In the mobile electronicdevice of the present invention, the virtual machine 21 manages thewidget received by the mobile electronic device 20 from the server 10,and authenticates the certificate of the widget to allow the widget tocommunicate with the transaction terminal 22. Each widget displaysmultimedia content associated with a secure application; for example, itmay be a widget associated with AirFrance, VISA, or EasyCardapplications. In the embodiments of the present invention, the virtualmachine 21 may be installed on various mobile electronic devices 20(such as a PDA, an iPod, a mobile phone, a handheld device, or amultimedia player) and provides a widget management platform such thatthe authenticated widget accesses the secure element 225 of thetransaction terminal 22 to enable NFC transactions.

FIG. 4 shows a schematic diagram illustrating a plurality of appliedwidgets displayed on the graphical user interface of the mobileelectronic device in accordance with the present invention. In anembodiment of the present invention, the widgets managed by the virtualmachine 21 may be displayed by the graphical user interface 222 of thetransaction terminal 22, and it is preferable that the graphical userinterface 222 is implemented by a touch panel. The user may move thefinger on the touch panel in the arrow direction shown in FIG. 4 toselect one of the widgets, such as the widget associated with a VISAapplication stored in a secure element, and then move the selectedwidget to the up front position. When the user uses the finger to clickon the up front widget on the touch panel, it means that the userdecides to use that selected widget to enable NFC transactions.

Once the user selects a widget, the virtual machine 21 will allow thewidget to access the secure element 225 of the transaction terminal 22to activate the NFC modem 224. The selected widget then waits for anevent triggered by the NFC modem 224 so that the widget informationchanges or that the widget receives transaction information associatedwith the VISA secure application, wherein the event is an interactionassociated with the NFC transaction, as shown in FIG. 4.

FIG. 3B shows a schematic block diagram illustrating the mobileelectronic device of the FIG. 3A communicating with the bank server forreceiving widgets and enabling a transaction communication. In anembodiment of the present invention, a secure element 225 of the mobileelectronic device 20 is provided by a bank, such as a secure micro-SDcard which can be plugged into the micro-SD card slot of the mobileelectronic device 20. The memory space of micro-SD card may be dividedin a plurality of secure domains such as SD1, SD2 as shown in FIG. 3B.One secure application is located or stored in one secure domain; forexample, a VISA secure application is located in a secure domain whichenables VISA secure transactions using the secure element 225. Thesecure application is, but not limited to, a transport application or acredit/debit application or a coupon application or a secure accessapplication or a loyalty card application or an electronic purseapplication or a ticketing application.

A bank server 10′ issues a secure application downloaded and stored intoone secure domain of the secure element 225, and issues widgets promotedby the bank. Each widget is assigned a certificate and the certificateallows the widget to be authenticated by the virtual machine 21 toaccess the secure element 225 such that the widget received by themobile electronic device 20 from the bank server 10′ can enable NFCtransactions under a corresponding secure application located in thesecure domain of the secure element 225.

FIG. 5 shows a schematic block diagram illustrating the various statesof a widget in accordance with the present invention. The widget used inthe mobile integrated distribution and transaction system of the presentinvention has a plurality of states. The initial state of the widget is“not activated” when the widget is created on the server. The state ofthe widget will change to “deleted” if the widget is assigned alifecycle but the state of the widget remains as “not activated” afterthe valid lifecycle is past. The mobile electronic device 20 requeststhe server 10 for downloading a widget. The state of the widget is“distributed” when the widget is being distributed to the virtualmachine 21 of the mobile electronic device 20 before the widget isactivated successfully. The state of the widget will change from“distributed” to “activated” when the widget is authenticated by thevirtual machine 21 and then successfully accesses the correspondingsecure application stored in the secure elements 225.

The virtual machine 21 allows the widget to access the secure element225 of the transaction terminal 22 to activate the NFC modern 224 whenthe user selects a widget on the graphical user interface 222. Thewidget then reacts to an event triggered by the NFC modem 224 such thatthe state of the widget changes from “activated” to “in use” under aspecific secure application corresponding to the widget, and the eventis an interaction associated with NFC transactions. The state of thewidget will return from “in use” to “activated” after the widgetcompletes processing the information on NFC transactions.

In an embodiment of the present invention, the widget, such as a widgetassociated with a coupon application, will change its state from “inuse” to “deleted” after the widget completes processing the informationon NFC transactions. In another embodiment of the present invention,when an error occurs while the widget is processing the information onNFC transactions, such as a date conflict error or a secure applicationconflict error on NFC transactions, then the state of the widget willchange from “in use” to “error” and the graphical user interface 222will display the error information. The state of the widget will returnfrom “error” to “activated” after the error is resolved.

In an embodiment of the present invention, the widget can transfermessages between two virtual machines of separate mobile electronicdevices. The virtual machine 21 will allow the widget to access thesecure element 225 of the transaction terminal 22 to activate the NFCmodem 224 when the user chooses to share a widget on the graphical userinterface 222. The widget then reacts to an event triggered by the NFCmodem 224 such that the state of the widget changes from “activated” to“on share” under a specific secure application corresponding to thewidget, and the event is an interaction associated with NFCtransactions. The state of the widget will return from “on share” to“activated” after the widget completes processing the information on NFCtransactions.

In an embodiment of the present invention, the virtual machine 21 willallow the widget to access the secure element 225 of the transactionterminal 22 to activate the NFC modern 224 when the user chooses toupdate a widget on the graphical user interface 222. The widget thenreacts to an event triggered by the NFC modern 224 such that the stateof the widget changes from “activated” to “updated” under a specificsecure application corresponding to the widget, and the event is aninteraction associated with NFC transactions. The state of the widgetwill return from “on share” to “updated” after the widget updates theinformation on NFC transactions.

FIG. 6 is a flow chart showing a mobile distribution method inaccordance with the present invention. In an embodiment of theinvention, the mobile distribution system implements a mobiledistribution method, the method comprising the following steps: creatinga widget displaying multimedia content associated with a secureapplication such as a transport application or a credit/debitapplication or a coupon application or a secure access application or aloyalty card application or an electronic purse application or aticketing application. The widget only executes on a virtual machine 20of the mobile electronic device 20 or installed on the mobile electronicdevice 20.

In the mobile distribution method, the step of creating a widget furthercomprises: initializing a state of the widget as “not activated” whenthe widget is created; assigning a certificate to the widget, whereinthe widget is associated with a specific secure application such as atransport application or a credit/debit application, and the certificateallows the widget authenticated by the virtual machine 21 to access thesecure element 225 embedded or plugged into the transaction terminal 22to enable NFC transactions to retrieve information under a specificsecure application; assigning a lifecycle to the widget, wherein thewidget downloaded to the mobile electronic device 20 may process orretrieve information on NFC transactions during the valid lifecycle andtransmit information back to the server 10; and assigning anidentification number representing an account for conducting NFCtransactions under the control of a secure application corresponding tothe widget. In addition, the method comprises the following step:recording the certificate, lifecycle and the identification numberassigned to the widget to gather statistics for the mobile distributionsystem or to analyze the widget.

In an embodiment of the present invention, the mobile distributionsystem further comprises the following steps: distributing the widget tothe mobile electronic device 20 and changing the state of the widgetfrom “not activated” to “distributed”, wherein the mobile electronicdevice 20 has a transaction terminal 22 comprising at least one secureelement 225 for storing a secure application and a virtual machine 21;and retrieving the widget information from the mobile electronic device20 while the state of the widget is “activated”, wherein the widgetinformation is gathered or updated by the widget while the mobileelectronic device 20 enables NFC transactions. In another embodiment ofthe present invention, the mobile distribution method further comprisesthe following step: analyzing the information gathered or updated by thewidget for transaction accounting according to the recorded lifecycleand identification number.

FIG. 7 is a flow chart showing a mobile transaction method in accordancewith the present invention. In an embodiment of the present invention,the mobile transaction method is implemented by the mobile transactionsystem of the present invention or by the mobile electronic device 20 asshown in FIG. 1, wherein the mobile electronic device comprises thetransaction terminal 22 as shown in FIG. 2. The mobile transactionmethod is implemented by a software installed on the mobile electronicdevice 20 comprising the NFC modem and the graphical user interface 222.The mobile transaction method comprises the following steps: receivingthe widgets distributed by the server 10, each widget having acertificate, and/or a lifecycle and a identification number, wherein thecertificate allows the widget authenticated by the virtual machine 21 toaccess the secure element 225 embedded or plugged into the transactionterminal 22 to enable NFC transactions, wherein the identificationnumber represents an account for conducting NFC transactions under asecure application, and wherein the widget information is changed whilethe NFC modem is enabling the NFC transactions during the valid lifecycle; and authenticating the certificate of the widget to determinewhether the widget can access the secure element 225 of the transactionterminal 22, wherein the widget is activated if the widget successfullyaccesses the secure element 225 to retrieve information from a specificsecure application stored in the secure element, and the state of thewidget changes from “distributed” to “activated”.

The mobile transaction method further comprises: displaying the widgetson the graphical user interface 222, wherein the widgets displaysmultimedia content associated with a secure application; managing thewidgets; selecting one of the widgets on the graphical user interface222 to use, share or update such that the selected widget reacts to anevent, which is an interaction associated with NFC transactions,triggered by the NFC modem 224 and changing the state of the widget to“in use”, “on share” or “updated”; Using the selected widget tocommunicate with the secure element; changing or transmitting the widgetinformation while the NFC modem 224 is enabling NFC transactions withthe secure element 225; and changing the state of the widget back to“activated” after the widget is used, shared or updates the receivedinformation on NFC transactions.

In an embodiment of the present invention, the method further comprises:the widget retrieving information associated with the NFC transactionfrom the NFC modem, or a secure application corresponding to the widget;and transferring the widget or widget information on to the mobileelectronic device 20 having an NFC modem through the NEC transaction, orthrough a combination of the NFC transaction and a communication means.

Turning now to FIG. 8, a system architecture diagram of a mobileintegrated distribution and transaction system for NFC services is shownin accordance with a further embodiment of the present invention. Thedistribution and transaction system employs a front-end mobile platformfor porting and distribution of NEC applications, and has a widget-basedarchitecture, which enables fast application development of NFC services(e.g., proximity payment, transport, ticketing, loyalty cards, coupons,etc.). In some embodiments, the distribution and transaction systemcomprises a mobile client 40, which is generated or otherwisepreconfigured, and distributed to a plurality of mobile electronicdevices 20. The mobile client 40 is a runtime system that is configuredto enable widgets that are delivered to the mobile electronic device 20to be loaded and executed. The system further includes a widgetdistribution interface 13 operating on server 10, which can comprise thecommunication interface 11 and widget lifecycle management platform 12,both of which are described in detail above in the description of FIG.1.

In some embodiments, widgets are developed using the widget generator(SDK) associated with the widget lifecycle management platform 12 asdescribed above, and are distributed by the communication interface 11over wireless network 30 to one or more mobile electronic devices 20,where they are executed on mobile client 40. Mobile client 40 isconfigured to be compatible with a plurality of mobile operating systems(OSs) employed on a plurality of mobile electronic devices from aplurality of manufacturers and/or service providers. Different OSs mayhave different interfaces and different OS-specific functions and/orrequirements. Likewise, different mobile electronic devices havedifferent hardware components, each having their own requirements. Forexample, accessing the NFC transceiver or the secure element (SE)requires different extensions, protocols and/or drivers depending on theparticular OS and hardware of the mobile electronic device 20. As such,mobile client 40 is configured with a plurality of compatibleextensions, protocols and/or drivers already integrated. This allowsservice providers, for example, the flexibility to design a singleOS-independent and mobile electronic device-independent widget using theSDK for deployment on a plurality of different OSs and devices withoutrequiring the creation of many varying iterations of the same widget tomeet the requirements of each.

Turning to FIG. 9, in accordance with embodiments of the invention,mobile client 40 comprises virtual machine 21 (described in detailabove), secure element (SE) manager 23, extensions manager 24, andcontent handler 25. It should be noted that in other embodiments, one ormore of the above can be omitted. For example, mobile client 40 can beconfigured without extensions manager 24 and content handler 25, asthose programs may not be required or can be provided separate from themobile client 40. In some embodiments, virtual machine 21 is configuredto provide a stack-based runtime environment for the widgets, requiringno registers. For each operation, the operands are pushed on top of thestack in the correct order, allowing the accumulation of operands toallow the sequential execution of operations during the life of thethread of code that manages the execution context. It will of course beunderstood by those of ordinary skill in the art that otherimplementations of virtual machine 21 can be used, such as aregister-based environment.

The runtime environment, which is executed in the processor, implementsthe core behavior of the programming code when invoked by a widget. Thevirtual machine 21 can then implement an action on the mobile electronicdevice 20, such as, for example, causing a connection to a secureapplication in the SE. Additionally or alternatively, the virtualmachine 21 can translate the invocation into an invocation of theparticular OS of the mobile electronic device 20, such as for causingthe OS of the mobile electronic device 20 to connect directly to thewireless network, etc.

The SE manager 23 is configured to enable a widget to read from and/orwrite to the SE, provided the widget certificate has been authenticatedby the virtual machine 21. The SE manager 23 enables the authenticatedwidget to access a secure application stored in the SE, which in someembodiments enables an NFC transaction to be performed by the mobileelectronic device 20. This can be accomplished by the SE manager 23first abstracting all the heterogeneous interfaces for accessing the SEinto a platform-independent interface used by the widget. While the SEmanager 23 is capable of providing communication between a plurality ofwidgets and a plurality of SEs, it is typically configured to provideaccess to a single SE using a single channel at any given time.Therefore, concurrent connections are blocked until the thread owningthe connection releases it. To connect a widget with a secureapplication in a SE, the SE manager 23 can create an instance of aconfigured driver by specifying the driver's class name from thepreviously abstracted information, enabling access to the SE using thedriver. Furthermore, due to the platform-independent interface, SEmanager 23 is configured to provide access to a plurality of SEsinstalled (or installable) on a variety of mobile electronic devices 20.

In accordance with embodiments of the invention, mobile client 40 canalso include extensions manager 24. Extensions manager 24 is responsiblefor managing all the extensions present in mobile client 40, and forproviding an interface between extensions and the mobile client 40.Extensions incorporated into mobile client 40, and managed by extensionsmanager 24 can include extensions common to a plurality of OS platforms(i.e. RIM, J2ME, Nokia, Android, etc.), and Application Protocol DataUnit (APDU) extensions. Extensions manager 24 can also manageOS-specific extensions. Extensions manager 24 provides communicationbetween virtual machine 21 and SE manager 23, and the extensions. Insome embodiments, extensions manager 24 can be updated as necessary viawireless network 30 to ensure compatibility, and/or specific extensionsmay be provided to the extensions manager 24 directly when a dataconnection is requested that is not initially supported by theextensions present in mobile client 40. In some embodiments, extensionsmanager 24 can access a library of extensions present on the OS of themobile electronic device 20 in lieu of an extension in mobile client 40.

Mobile client 40 can also include content handler 25. Content handler 25is configured to provide communication between native third-partyapplications (such as third-party application 50) installed on themobile electronic device 20 and the widgets. Content handler 25 is alsoconfigured to provide communication between third-party applications andsecure applications stored in the SE. In particular, content handler 25is responsible for managing incoming connections from third-partyapplications attempting to connect to a widget or secure application,and outgoing connections to third-party applications. Furthermore,content handler 25 maintains a list of actions available for third-partyapplications that are allowed to connect to widgets and/or secureapplications.

In some embodiments, managing connections and interactions betweenthird-party application 50 and widgets/secure applications isaccomplished by employing a content handler plug-in 51. Content handlerplug-in 51 is a specific library that must be implemented in third-partyapplication 50 in order to be able to communicate and interact with themobile client 40 through the content handler 25. The content handlerplug-in 51 can comprise several parameters including: a unifiedreference locator (URL) of the content handler 25 for connection withthe content handler 25; a widget identifier associated with each widgetwith which the third-party application 50 would like to communicate;and/or the list of actions available to the third-party application 50for interacting with the mobile client 40. In some embodiments, byemploying the content handler plug-in 51, third party application 50 isconfigured with the identity of the widget and/or secure application(stored in the SE) with which it can interact. Only by calling thespecific widget and/or secure application, will content handler 25enable communication with widgets via virtual machine 21, and withsecure applications via secure element manager 23.

In accordance with aspects that can be included in embodimentsconstructed in accordance with the invention, if a widget is called bythird-party application 50, but the widget is not present in the memoryof mobile electronic device 20, content handler 25 can initiate adownload of the widget from the widget distribution interface 13 overwireless network 30 via wireless modem 226. Conversely, if third-partyapplication 50 is called by a widget, but the third-party application 50is not present in the memory of mobile electronic device 20, contenthandler 25 can initiate a download of the third-party application 50from the source server of the third-party application developer overwireless network 30 via wireless modern 226. In either instance,notifications can be provided via the mobile electronic device to theuser that additional resources are needed to implement an action thathas commenced at the mobile electronic device 20. Optionally, suchnotifications can include a prompt to the user to accept having suchresources downloaded to the mobile electronic device.

Employing content handler 25 and content handler plug-in 51,functionality of mobile client 40 is broadened in a manner that, amongother things, simplifies the conduct of a variety of NFC transactions.For example, a widget can be accessed directly from third-partyapplication 50 without a mobile device user having to close thethird-party application 50 and open the mobile client 40 in order tocomplete an NFC transaction via NFC transceiver 224. Third-partyapplication 50 may, for example, require information that can beprovided directly from one or more widgets (e.g. club membershipinformation from a club card widget, location data from a GPS enabledwidget, and/or payment information from a payment widget) in order tocomplete an NFC transaction, but does not require the full functionalityof the associated secure applications. As such, an NFC transaction canbe initiated and concluded from within the third-party application 50while maintaining the security and integrity of the secure element, byproviding third-party application 50 with access to the secureapplication via content handler 25 and content handler plug-in 51. Thisis in lieu of suspending the third-party application 50 in order to opena mobile wallet, for instance. Similarly, third-party application 50 canbe accessed directly by the widget without the user having to leave orclose the mobile client 40.

Furthermore, depending on the rights of the third-party application 50,which can be managed by settings established in the mobile client 40,similar reciprocal user access/functionality can be employed betweenthird-party application 50 and a secure application located in the SE asbetween the widgets and the third-party application 50. This can occur,for example, when a mobile device user employs third-party application50 (e.g., of a retail store) to browse for a product or service, butdesires to pay for the product or service via NFC transaction, using asecure application provided by a trusted payment provider (e.g., VISA).As such, an NFC transaction can be initiated and concluded from withinthe third-party application 50 while maintaining the security andintegrity of the secure element, by providing third-party application 50with access to the secure application via content handler 25 and contenthandler plug-in 51. Finally, data exchange is selectively enabledbetween widgets/secure applications and third-party applications usingthe content handler system. As such, mobile client 50 can provide forsecure and seamless management of NFC transactions between mobileelectronic device 20 and other NFC-enabled devices 31 and/or POSterminals 32, using NFC transceiver 224, regardless of whether thetransaction was initiated via the widget, the secure application in theSE, or a third-party application.

Turning now to FIG. 10, a flow chart showing a mobile distributionmethod in accordance with certain embodiments of the present inventionis provided. At step 60, mobile client 40 is generated and includes theplurality of OS-specific and hardware-specific information andrequirements which are embedded into mobile client 40 before deploymenton each of a plurality of mobile electronic devices 20. For instance,the mobile client can comprise code such as a set of instructionsexecutable in a processor of the mobile electronic device 20 oncedeployed. At step 61, mobile client 40 is distributed to one or moremobile electronic devices 20 across the wireless network 30 in aconventional manner, or is otherwise installed on the mobile electronicdevice 20 (e.g., by the device manufacturer). At step 62, OS-independentwidgets are developed (e.g., by service providers, mobile networkoperators, etc.) using the SDK of the widget distribution interface 13,and at step 63 the widgets are wirelessly distributed to the one or moremobile electronic devices 20 over wireless network 30, and provided tomobile client 40. At step 64, should the widget developer desire toupdate, change, or delete the widget and/or should the widget require anupdate, change, or deletion, the widget can be appropriately modifiedwithout modification of the mobile client 40. Otherwise, the widgetcontinues to reside on the mobile electronic devices 20 throughout thewidget's lifecycle, and the method ends.

At this juncture, it should be noted that although much of the foregoingdescription has been directed to mobile integrated distribution andtransaction systems and methods for NFC services, the systems andmethods disclosed herein can be similarly deployed and/or implemented inscenarios, situations, and settings far beyond the referenced scenarios.It is to be understood that like numerals in the drawings represent likeelements through the several figures, and that not all components and/orsteps described and illustrated with reference to the figures arerequired for all embodiments or arrangements.

Thus, illustrative embodiments and arrangements of the present systemsand methods provide a computer implemented method, computer system, andcomputer program product for providing augmented content. The flowchartand block diagrams in the figures illustrate the architecture,functionality, and operation of possible implementations of systems,methods and computer program products according to various embodimentsand arrangements. In this regard, each block in the flowchart or blockdiagrams can represent a module, segment, or portion of code, whichcomprises one or more executable instructions for implementing thespecified logical function(s). It should also be noted that, in somealternative implementations, the functions noted in the block may occurout of the order noted in the figures. For example, two blocks shown insuccession may, in fact, be executed substantially concurrently, or theblocks may sometimes be executed in the reverse order, depending uponthe functionality involved. It will also be noted that each block of theblock diagrams and/or flowchart illustration, and combinations of blocksin the block diagrams and/or flowchart illustration, can be implementedby special purpose hardware-based systems that perform the specifiedfunctions or acts, or combinations of special purpose hardware andcomputer instructions.

The functions describe herein can be implemented by hardware and orhardware executing code (also known as programs, software, or softwareapplications) which include machine instructions for a programmableprocessor, and can be implemented in a high-level procedural and/orobject-oriented programming language, and/or in assembly/machinelanguage. As used herein, the terms machine-readable storage medium andcomputer-readable storage medium refer to any computer program product,apparatus and/or device (e.g., magnetic discs, optical disks, memory,Programmable Logic Devices (PLDs)) used to provide machine instructionsand/or data to a programmable processor, including a machine-readablestorage medium that receives machine instructions as a machine-readablesignal. The term machine-readable signal refers to any signal used toprovide machine instructions and/or data to a programmable processor. Amachine-readable storage medium does not include a machine-readablesignal.

The systems and techniques described here can be implemented in acomputing system that includes a back end component (e.g., as a dataserver), or that includes a middleware component (e.g., an applicationserver), or that includes a front end component (e.g., a client computerhaving a graphical user interface or a Web browser through which a usercan interact with an implementation of the systems and techniquesdescribed here), or any combination of such back end, middleware, orfront end components. The components of the system can be interconnectedby any form or medium of digital data communication (e.g., acommunication network). Examples of communication networks include alocal area network (LAN), a wide area network (WAN), and the Internet.

The computing system can include clients and servers. A client andserver are generally remote from each other and typically interactthrough a communication network. The relationship of client and serverarises by virtue of computer programs running on the respectivecomputers and having a client-server relationship to each other.

While this specification contains many specific implementation details,these should not be construed as limitations on the scope of anyimplementation or of what may be claimed, but rather as descriptions offeatures that may be specific to particular embodiments of particularimplementations. Certain features that are described in thisspecification in the context of separate embodiments can also beimplemented in combination in a single embodiment. Conversely, variousfeatures that are described in the context of a single embodiment canalso be implemented in multiple embodiments separately or in anysuitable subcombination. Moreover, although features may be describedabove as acting in certain combinations and even initially claimed assuch, one or more features from a claimed combination can in some casesbe excised from the combination, and the claimed combination may bedirected to a subcombination or variation of a subcombination.

Similarly, while operations are depicted in the drawings in a particularorder, this should not be understood as requiring that such operationsbe performed in the particular order shown or in sequential order, orthat all illustrated operations be performed, to achieve desirableresults. In certain circumstances, multitasking and parallel processingmay be advantageous. Moreover, the separation of various systemcomponents in the embodiments described above should not be understoodas requiring such separation in all embodiments, and it should beunderstood that the described program components and systems cangenerally be integrated together in a single software product orpackaged into multiple software products.

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of the invention. Asused herein, the singular forms “a”, “an” and “the” are intended toinclude the plural forms as well, unless the context clearly indicatesotherwise. It will be further understood that the terms “comprises”and/or “comprising”, when used in this specification, specify thepresence of stated features, integers, steps, operations, elements,and/or components, but do not preclude the presence or addition of oneor more other features, integers, steps, operations, elements,components, and/or groups thereof.

It should be noted that use of ordinal terms such as “first,” “second,”“third,” etc., in the claims to modify a claim element does not byitself connote any priority, precedence, or order of one claim elementover another or the temporal order in which acts of a method areperformed, but are used merely as labels to distinguish one claimelement having a certain name from another element having a same name(but for use of the ordinal term) to distinguish the claim elements.

Also, the phraseology and terminology used herein is for the purpose ofdescription and should not be regarded as limiting. The use of“including,” “comprising,” or “having,” “containing,” “involving,” andvariations thereof herein, is meant to encompass the items listedthereafter and equivalents thereof as well as additional items.

Particular embodiments of the subject matter described in thisspecification have been described. Other embodiments are within thescope of the following claims. For example, the actions recited in theclaims can be performed in a different order and still achieve desirableresults. As one example, the processes depicted in the accompanyingfigures do not necessarily require the particular order shown, orsequential order, to achieve desirable results. In certainimplementations, multitasking and parallel processing may beadvantageous.

What is claimed is:
 1. A mobile distribution system, installed on a mobile electronic device having a processor, memory, and code in the memory for implementing a particular mobile operating system in the processor, and being operatively coupled to a secure element having one or more secure applications, the system comprising: a virtual machine configured to execute in the processor to provide a runtime environment capable of running a plurality of widgets and configured to enable the plurality of widgets to be operable on any of a plurality of mobile operating systems including the particular mobile operating system; and a secure element manager configured to enable at least one widget of the plurality of widgets to read from or write to the secure element by providing the at least one widget with access to a corresponding one of the one or more secure applications stored in the secure element, and enabling the mobile electronic device to perform at least one NFC transaction using the corresponding one of the one or more secure applications; wherein the secure element manager is configured to create an instance of a configured driver enabling access to the secure element in response to a request by the at least one widget to access the secure element; and wherein the secure element manager is configured to provide access to a plurality of secure elements.
 2. The system of claim 1, further comprising: a content handler configured to provide at least one of the following: communication between a third-party application installed on the mobile electronic device and the at least one widget; and communication between the third-party application installed on the mobile electronic device and the corresponding one of the one or more secure applications stored in the secure element; and a content handler plug-in, the content handler plug-in being implemented in the third-party application, and enabling the third-party application to operatively communicate with the content handler.
 3. The system of claim 2, the content-handler plug-in further comprising: a unified reference locator (URL) of the content handler for connection to the content handler; and at least one widget identifier associated with the at least one widget; wherein the at least one widget identifier is presented to the content handler via the URL to enable access by the third-party application to the at least one widget.
 4. The system of claim 3, the virtual machine further configured to perform at least one of the following: initiate a download of the at least one widget from a widget distribution interface over a wireless network when the at least one widget identifier associated with the at least one widget is presented to the content handler by the third-party application, but the at least one widget is not presently installed on the mobile electronic device; and initiate a download of the third-party application from a third-party application distribution interface over the wireless network when the at least one widget attempts to communicate with the third-party application, but the third-party application is not presently installed on the mobile electronic device.
 5. The system of claim 1, further comprising: an extensions manager configured using code executed in the processor to provide communication between at least one of the virtual machine and the secure element manager, and a plurality of extensions associated with the plurality of mobile operating systems.
 6. The system of claim 1, wherein: each of the plurality of widgets is configured to be operable in the runtime environment, using code executing in the processor, without necessitating configuration directly with the plurality of mobile operating systems; and wherein each of the plurality of widgets can be added, removed, or updated without necessitating alteration of the runtime environment.
 7. The system of claim 1, wherein: the plurality of widgets are configured for authentication by the virtual machine; and wherein the secure element manager is configured to provide the at least one widget with access to the corresponding one of the one or more secure applications in response to the authentication by the virtual machine.
 8. The system of claim 1, wherein the at least one widget displays multimedia content associated with the corresponding one of the one or more secure applications.
 9. The system of claim 1, wherein the secure element is divided into a plurality of secure domains, and each of the one or more secure applications is stored in a respective secure domain.
 10. The system of claim 1, wherein the corresponding one of the one or more secure applications comprises at least one of a transport application, a credit/debit application, a coupon application, a secure access application, a loyalty card application, an electronic purse application, and a ticketing application.
 11. The system of claim 1, wherein the at least one secure element comprises at least one of a secure SIM card, a secure memory card, and secure internal memory.
 12. A method of providing a mobile distribution system, for use on a mobile electronic device having a processor, memory, and code in the memory for implementing a particular mobile operating system in the processor, and being operatively coupled to a secure element having one or more secure applications, the method comprising: generating a mobile client for distribution over a wireless network to the mobile electronic device, the mobile client comprising at least the following: a virtual machine configured to execute in the processor to provide a runtime environment capable of running a plurality of widgets and configured to enable the plurality of widgets to be operable on any of a plurality of mobile operating systems including the particular mobile operating system; and a secure element manager configured to enable at least one widget of the plurality of widgets to read from or write to the secure element by providing the at least one widget with access to a corresponding one of the one or more secure applications stored in the secure element, and enabling the mobile electronic device to perform at least one NFC transaction using the corresponding one of the one or more secure applications; wherein the secure element manager is configured to create an instance of a configured driver enabling accessing to the secure element in response to a request by the at least one widget to access the secure element; and wherein the secure element manager is configured to provide access to a plurality of secure elements; and distributing the mobile client to the mobile electronic device.
 13. The method of claim 12, the mobile client further comprising: a content handler configured to provide at least one of the following: communication between a third-party application installed on the mobile electronic device and the at least one widget; and communication between the third-party application installed on the mobile electronic device and the corresponding one of the one or more secure applications stored in the secure element; and a content handler plug-in, the content handler plug-in being implemented in the third-party application, and enabling the third-party application to operatively communicate with the content handler.
 14. The method of claim 13 the content-handler plug-in further comprising: a unified reference locator (URL) of the content handler for connection to the content handler; and at least one widget identifier associated with the at least one widget; wherein the at least one widget identifier is presented to the content handler via the URI, to enable access by the third-party application to the at least one widget.
 15. The method of claim 14, further comprising: initiating a download of the at least one widget from a widget distribution interface over the wireless network when the at least one widget identifier associated with the at least one widget is presented to the content handler by the third-party application, but the at least one widget is not presently installed on the mobile electronic device; and initiating a download of the third-party application from a third-party application distribution interface over the wireless network when the at least one widget attempts to communicate with the third-party application, but the third-party application is not presently installed on the mobile electronic device.
 16. The method of claim 10, the mobile client further comprising: an extensions manager configured using code executed in the processor to provide communication between at least one of the virtual machine and the secure element manager, and a plurality of extensions associated with the plurality of mobile operating systems.
 17. The method of claim 12, further comprising: generating the plurality of widgets, each of the plurality of widgets configured to be operable in the runtime environment, using code executing in the processor, without necessitating configuration directly with the plurality of mobile operating systems, and each of the plurality of widgets configured to be added, removed, or updated without necessitating alteration of the runtime environment; and distributing the plurality of widgets to the mobile electronic device over the wireless network.
 18. The method of claim 12, wherein: the plurality of widgets are configured for authentication by the virtual machine; and wherein the secure element manager is configured to provide the at least one widget with access to the corresponding one of the one or more secure applications in response to the authentication by the virtual machine.
 19. The method of claim 12, wherein the at least one widget displays multimedia content associated with the corresponding one of the one or more secure applications.
 20. The method of claim 12, wherein the secure element is divided into a plurality of secure domains, and each of the one or more secure applications is stored in a respective secure domain.
 21. The method of claim 12, wherein the corresponding one of the secure applications comprises at least one of a transport application, a credit/debit application, a coupon application, a secure access application, a loyalty card application, an electronic purse application, and a ticketing application.
 22. The method of claim 12, wherein the at least one secure element comprises at least one of a secure SIM card, a secure memory card, and secure internal memory. 